Mora Project demands $40.000 for data decryption software

Mora Project is a new variant of Hidden Tear open-source ransomware project. Malware is still the in-development stage. During data encryption, it appends the .encrypted file extension to each of the targeted documents, audio, video, image and other files. Then it drops a ransom note called ReadMe_Important.txt where cyber criminals ask to pay the ransom.

In the ransom demanding message hackers request a huge amount of money – $40.000. Victims are supposed to transfer money in Bitcoins to the provided Bitcoin address. Once people make the transaction, hackers will provide a password necessary to recover files using decryption software – The-decrypter.exe file that has been installed on the desktop.

No matter how important your data is to you, paying such an enormous sum of money is not a wise decision. Cyber criminals may take the ransom and disappear. They ask to pay the ransom using Bitcoins because this payment method allows them to say untraceable. However, the size of the ransom suggests that authors of the Mora Project ransomware might be targeting businesses.[1] It’s uncommon for malware to demand such big sums of money from home computer users.

Undoubtedly, the primary task of the ransomware is to encrypt files and swindle the money. However, malware might also cause damage to the system. On the affected device it may modify or create new entries in Windows Registry. This activity is necessary for running malicious program with the system startup.

Mora Project also makes connections to particular domains and servers that allows cyber criminals to initiate numerous malicious tasks. It might install dangerous files, inject malicious codes into legitimate system processes and open backdoor. Thus, your computer and privacy are put in danger.

Having ransomware installed on your PC makes the system vulnerable and attractive for other cyber threats. Therefore, after the attack, you should hurry up with Mora Project removal. Once you find .encrypted file extension that prevents from opening documents, you have to run a full system scan with reputable malware removal tool, such as Reimage.

Unfortunately, it’s not enough to remove Mora Project from the computer to recover your files. Security software cannot decrypt data. To get back access to your files, you have to use backups or try alternative recovery methods.

The major methods of ransomware distribution

The massive distribution of Mora Project hasn’t been started yet. However, you should be aware of the main ways how ransomware can attack your computer.[2] Knowledge will help you to protect files from being taken to hostage.

Malicious email attachments. Criminals spread numerous misleading emails where they pretend to be from well-known companies, such as Amazon, FedEx, eBay, etc. They employ social engineering tactics to convince people into opening an attached document or link.

Malvertising. Mora Project virus might be distributed with the help of malware-laden ads. Usually, they are placed on potentially dangerous websites (gaming, gambling, adult-themed, etc.) However, malicious ads might also be displayed on legitimate and popular sites.

Bogus downloads and updates. Malware might also be presented as security software, PC optimization tool, and other useful software or updates on various file-sharing sites and torrents.

Exploit kits. The attack might also be launched by exploiting system vulnerabilities or security flaws that might be caused by an outdated software or operating system.

Getting rid of Mora Project ransomware

The only safe way to remove Mora Project from the PC is to run a full system scan with powerful malware removal program. Install Reimage or Reimage and run a full system scan. Within several minutes all malicious files will be terminated entirely.

We want to warn that trying to locate and delete virus-related entries manually might damage the system. Malware might affect crucial system processes and hide under legitimate system names.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Mora Project ransomware virus you agree to our privacy policy and agreement of use.

What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.

Reimage is recommended to uninstall Mora Project ransomware virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool. More information about this program can be found in Reimage review.

Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Mora Project removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

When a new window shows up, click Next and select your restore point that is prior the infiltration of Mora Project. After doing that, click Next.

Now click Yes to start system restore.

Once you restore your system to a previous date, download and scan your computer with Reimage and make sure that Mora Project removal is performed successfully.

Bonus: Recover your data

Guide which is presented above is supposed to help you remove Mora Project from your computer. To recover your encrypted files, we recommend using a detailed guide prepared by 2-spyware.com security experts.

The best way to recover your files is to use backups. However, if you do not have them, please try our suggested alternative methods.

If your files are encrypted by Mora Project, you can use several methods to restore them: